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I. REAL PARTY IN INTEREST 

The real party in interest is Brocade Communications Systems, Inc. 

II. RELATED APPEALS AND INTERFERENCES 
None. 

III. STATUS OF CLAIMS 

Claims 1-29 and 54 are rejected and are appealed. Claims 30-53 were subject to a 
restriction requirement, and have been cancelled. (It is noted that these claims are pending in 
various divisional applications.) 

IV. STATUS OF AMENDMENTS 
None filed 

V. SUMMARY OF CLAIMED SUBJECT MATTER 

This section provides a concise explanation of the subject matter defined in each of the 
independent claims involved in the appeal, referring to the specification by paragraph and line 
number and to the drawings by reference characters as required by 37 CFR § 41.37(c)(l)(v). 
Where applicable, each element of the claims is identified with a corresponding reference to the 
specification and drawings. Citation to the specification and/or drawings does not imply that 
limitations from the specification and drawings should be read into the corresponding claim 
element. Additionally, references are not necessarily exhaustive, and various claim elements 
may also be described at other locations. 

Independent claim 1 recites network configuration entity configured or adapted to 
exclusively control a defined set of management functions throughout a secure network (Tf 0080, 
11. 1-13; Fig. 10, element 1022). The claim further recites: 

• that the secure network comprises a plurality of switching devices (Fig. 10, 
elements 1001-06); and 

• that the set of management functions comprises the recognition, operation and 
succession of the network configuration entity (T| 0080, 11. 7-8). 
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Dependent claim 2 depends from claim 1 and further recites that the network 
configuration entity include: 

• a memory 5 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing an NCE list, said 
NCE list comprising an indication of each device in the network that may operate 
as said network configuration entity (Tf 0083, 11. 2-4; Figs 11a, 1 lb & 1 Ic). 

Dependent claim 5 depends (indirectly) from claim 1 and fiirther recites that the network 
configuration entity includes: 

• a memory (^1 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing a DCC list, said 
DCC list associated with said one or more rules for interaction between and 
among devices and comprising definitions that logically bind a port on the 
network configuration entity, to one or more other ports resident in the secure 
network (110126-11 0130). 

Dependent claim 6 depends (indirectly) from claim 1 and fiirther recites that the network 
configuration entity includes: 

• a memory (H 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing a DCC list, said 
DCC list associated with said one or more rules for interaction between and 
among devices and comprising definitions that logically bind each port in said 
secure network to one or more other ports resident in said network (^ 0126-1} 
0130). 

Dependent claim 10 depends (indirectly) from claim 1 and further recites that the 
network configuration entity includes: 

• a memory (H 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing an MAC list, 
said MAC list comprising an indication of network endpoints from which 
management access is acceptable (H 01 13-1| 0123). 

Independent claim 17 recites a network configuration entity configured or adapted to 
exclusively control a defined set of management fiinctions throughout a secure network (H 0080, 
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11. 1-13; Fig. 10, element 1022), said secure network comprising a plurality of switching devices, 
said set of management functions comprising (i) the recognition, operation and succession of the 
network configuration entity (T[ 0080, 11. 7-8), (ii) switch connection controls for designating 
devices to participate in the secure network (][ 0080, 11. 8-9), (iii) device connection controls that 
indicate port relationships in said secure network (T| 0080, 11. 9-10), and (iv) management access 
controls that restrict management services to a defined set of endpoints (T| 0080, 11. 10-11), said 
network configuration entity comprising: 

• a processor (Fig. 2, element 202); and 

• a memory (^1 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing 

o an NCE list, said NCE list comprising an indication of each device in the 
network that may operate as said network configuration entity (T| 0083, 11. 
Figs 11a, lib & 11c), 

o an sec list, said SCC list comprising an indication of each device allowed 
to participate in said secure network (]1 0131-]] 0133), 

o a DCC list, said DCC list associated with said one or more rules for 
interaction between and among devices and comprising definitions that 
logically bind a port on the network configuration entity, to one or more 
other ports resident in the secure network (T| 0126-TI 0130), and 

o a MAC Ust, said MAC list comprising an indication of network endpoints 
fi-om which management access is acceptable (T| 01 13-T| 0123). 

Independent claim 1 8 recites a Fibre Channel switching device configured or adapted to 
operate in a secure network wherein a defined set of management functions is controlled 
throughout said secure network by a network configuration entity (Tf 0080, 11. 1-13; T| 0082, 11. 4- 
7), said secure network comprising a plurality of switching devices, said set of management 
fiinctions comprising (i) the recognition, operation and succession of the network configuration 
entity (][ 0080, 11. 7-8), (ii) switch connection controls for designating devices to participate in 
the secure network (][ 0080, 11. 8-9), (iii) device connection controls that indicate port 
relationships in said secure network (Tf 0080, 11. 9-10), and (iv) management access controls that 
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restrict management services to a defined set of endpoints (]{ 0080, 11. 10-11), the Fibre Channel 
switching device comprising: 

• a processor (Fig. 2, element 202); and 

• a memory (H 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing 

o an NCE list, said NCE list associated with said recognition, operation and 
succession of the network configuration entity and comprising an 
indication of each device in the network that may operate as said network 
configuration entity 0083, 11. 2-4; Figs 11a, lib & 11c), 

o an sec list, said SCC list associated with said switch connection controls 
and comprising an indication of each device allowed to participate in said 
secure network 0131-11 0133), 

o a DCC list, said DCC list associated with said device connection controls 
and comprising definitions that logically bind a port on the network 
configuration entity, to one or more other ports resident in the secure 
network 0126-11 0130), and 

o a MAC list, said MAC list associated with said management access 
controls and comprising an indication of network endpoints from which 
management access is acceptable 01 13-^1 0123). 

Independent claim 19 recites a Fibre Channel switching device configured or adapted to 
operate in a secure network wherein a defined set of management functions is controlled 
throughout said secure network by a network configuration entity 0080, 11. 1-13; ^ 0082, 11. 4- 
7), said secure network comprising a plurality of switching devices, said set of management 
fimctions comprising (i) the recognition, operation and succession of the network configuration 
entity 0080, 11. 7-8), and (ii) switch connection confrols for designating devices to participate 
in the secure network 0080, 11. 8-9), the Fibre Channel switching device comprising: 

• a processor (Fig. 2, element 202); and 

• a memory (^ 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing 

o an NCE list, said NCE list associated with said recognition, operation and 
succession of the network configuration entity and comprising an 
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indication of each device in the network that may operate as said network 
configuration entity 0083, 11. 2-4; Figs 1 la, 1 lb & 1 Ic), and 
o an sec list, said SCC list associated with said switch connection controls 
and comprising an indication of each device allowed to participate in said 
secure network 0131-11 0133). 

Independent claim 20 recites a Fibre Channel switching device configured or adapted to 
operate in a secure network wherein a defined set of management functions is controlled 
throughout said secure network by a network configuration entity 0080, 11. 1-13; Tl 0082, 11. 4- 
7), said secure network comprising a plurality of switching devices, said set of management 
functions comprising (i) the recognition, operation and succession of the network configuration 
entity (Tf 0080, 11. 7-8), and (ii) device connection controls that indicate port relationships in said 
secure network 0080, 11. 9-10), said Fibre Channel switching device comprising: 

• a processor (Fig. 2, element 202); and 

• a memory (1| 0058, II. 7-9; Fig. 2, elements 208, 210) for storing 

o an NCE list, said NCE list associated with said recognition, operation and 
succession of the network configuration entity and comprising an 
indication of each device in the network that may operate as said network 
configuration entity, and 

o a DCC list, said DCC list associated with said device connection controls 
and comprising definitions that logically bind a port on the network 
configuration entity, to one or more other ports resident in the secure 
network (110126-Tl 0130). 

Independent claim 21 recites a Fibre Channel switching device configured or adapted to 
operate in a secure network wherein a defined set of management fiinctions is controlled 
throughout said secure network by a network configuration entity (][ 0080, 11. 1-13; ^ 0082, 11. 4- 
7), said secure network comprising a plurality of switching devices, said set of management 
functions comprising (i) the recognition, operation and succession of the network configuration 
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entity (][ 0080, 11. 7-8), and (ii) management access controls that restrict management services to 
a defined set of endpoints (][ 0080, 11. 10-1 1), said Fibre Channel switching device comprising: 

• a processor (Fig. 2, element 202); and 

• a memory (H 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing 

o an NCE list, said NCE list associated with said recognition, operation and 
succession of the network configuration entity and comprising an 
indication of each device in the network that may operate as said network 
configuration entity 0083, 11. 2-4; Figs 1 la, 1 lb & 1 Ic), and 

o a MAC list, said MAC list associated with said management access 
controls and comprising an indication of network endpoints fi-om which 
management access is acceptable (T| 01 13-T| 0123). 

Independent claim 22 recites a Fibre Channel switching device configured or adapted to 
operate in a secure network wherein a defined set of management functions is controlled 
throughout said secure network by a network configuration entity (]] 0080, 11. 1-13; ^ 0082, 11. 4- 
7), said secure network comprising a plurality of switching devices, said set of management 
functions comprising (i) switch connection controls for designating devices to participate in the 
secure network (T| 0080, 11. 8-9), and (ii) device connection controls that indicate port 
relationships in said secure network, said Fibre Channel switching device comprising (T| 0080, 11. 
9-10): 

• a processor (Fig. 2, element 202); and 

• a memory (^ 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing 

o an sec list, said SCC list associated with said switch connection controls 
and comprising an indication of each device allowed to participate in said 
secure network (If 0131-11 0133), and 

o a DCC list, said DCC list associated with said device connection controls 
and comprising definitions that logically bind a port on the network 
configuration entity, to one or more other ports resident in the secure 
network (11 0126-11 0130). 
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Independent claim 23 recites a Fibre Channel switching device configured or adapted to 
operate in a secure network wherein a defined set of management functions is controlled 
throughout said secure network by a network configuration entity (][ 0080, 11. 1-13; ^ 0082, 11. 4- 
7), said secure network comprising a plurality of switching devices, said set of management 
functions comprising (i) switch connection controls for designating devices to participate in the 
secure network 0080, 11. 8-9), and (ii) management access controls that restrict management 
services to a defined set of endpoints (T| 0080, 11. 10-11), said Fibre Channel switching device 
comprising: 

• a processor (Fig. 2, element 202); and 

• a memory 0058, 11. 7-9; Fig. 2, elements 208, 210) for storing 

o an sec list, said SCC list associated with said switch connection controls 
and comprising an indication of each device allowed to participate in said 
secure network (If 0131-11 0133), and 

o a MAC list, said MAC list associated with said management access 
controls and comprising an indication of network endpoints fi'om which 
management access is acceptable 01 13-^1 0123). 

Independent claim 24 recites a Fibre Channel switching device configured or adapted to 
operate in a secure network wherein a defined set of management fiinctions is controlled 
throughout said secure network by a network configuration entity (^I 0080, 11. 1-13; ^ 0082, 11. 4- 
7), said secure network comprising a plurality of switching devices, said set of management 
functions comprising (i) device connection controls that indicate port relationships in said secure 
network (T[ 0080, 11. 9-10), and (ii) management access controls that restrict management 
services to a defined set of endpoints (T| 0080, 11. 10-11), said Fibre Channel switching device 
comprising: 

• a processor (Fig. 2, element 202); and 

• a memory (^ 0058, 11. 7-9; Fig. 2, elements 208, 2 1 0) for storing 

o a DCC list, said DCC list associated with said device connection controls 
and comprising definitions that logically bind a port on the network 
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configuration entity, to one or more other ports resident in the secure 
network 0126-11 0130), and 
o a MAC list, said MAC list associated with said management access 
controls and comprising an indication of network endpoints from which 
management access is acceptable (T| 01 13-T| 0123). 

Independent claim 25 recites a network comprising a network configuration entity and 
one or more other entities (Fig. 10), said network configuration entity having network- wide 
control over a defined set of management functions (T[ 0080, 11. 1-13), said set of management 
functions comprising: 

• the recognition, operation and succession of the network configuration entity (Tf 
0080, 11. 7-8); 

• one or more rules for interaction between and among entities in the network (Tf 

0080, 11. 8-9); 

• one or more rules governing management level access to the network (Tf 0080, 11. 
10-11); and 

• one or more rules goveming management level access to one or more entities (T| 
0093). 



Dependent claim 26 depends from claim 25 and further recites that: 

• said function of recognition, operation and succession of the network 
configuration entity is associated with a list of network devices that are eligible to 
become equivalent to said network configuration entity (T| 0083, 11. 2-4; Figs 11a, 
lib & 11c). 



Dependent claim 27 depends from claim 25 and further recites that: 

• the network configuration entity has exclusive confrol over one or more of said 
management functions (][ 0080, 11. 1 1-13). 
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Dependent claim 28 depends from claim 25 and further recites that the network: 

• further comprises one or more back-up network configuration entities 0082, II. 
1-6). 

Dependent claim 29 depends from claim 25 and fiirther recites that: 

• each of said security and management functions corresponds with a data structure 
in a memory 01 13-T1 1033). 

Independent claim 54 is drawn to a method of securing a network having a Fibre Channel 
switching device configured or adapted to operate in a secure network wherein a defined set of 
management fimction is confroUed throughout said secure network by a network configuration 
entity, said method comprising the steps of: 

• controlling the recognition, operation and succession of the network configuration 
entity by designating an NCE list comprising an indication of each device in the 
network that may operate as said network configuration entity (Tf 0080, 11. 7-8; ^ 
0083, 11. 2-4); 

• designating a unique name for each devices that may participate in the secure 
network (H 0080, 11. 8-9; 1 0131-11 0133); 

• indicating port relationships in said secure network to specifically delineate a list 
of unique names for ports that any given port may communicate with (If 0080, 11. 

9- 10; 110126-11 0130); and 

• restricting management access to a pre-defined set of access methods (H 0080, 11. 

10- 11; HOI 13-11 0123). 

VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

Claims 1-9, 11-16, and 25-29 were rejected under 35 U.S.C. § 103(a) as obvious over 
U.S. Pre-Grant Publication 2003/0208589 to Yamamoto et al. ("Yamamoto") in view of U.S. 
Pre-Grant Publication 2002/0174207 to Battou ("Battou"). Review of this rejection is sought. 
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Claims 10, 17-24, and 54 were rejected under 35 U.S.C. § 103(a) as obvious over 
Yamamoto and Battou in further view of U.S. Pre-Grant Publication 2004/0015957 to Zara et al. 
("Zara"). Review of this rejections is sought. 

VII. ARGUMENT 

The claims do not stand or fall together. Instead, Appellants present separate arguments 
for various independent and dependent claims. After a concise discussion of cited art, each of 
these arguments is separately argued below and presented with separate headings and sub- 
heading as required by 37 CFR § 41.37(c)(l)(vii). To aid in review of the Office Action, certain 
rejections have been copied into this brief. Arguments as to the rejection then follow. 

A. The Rejection Of Claims 1-9, 11-16, And 25-29 As Obvious Over Yamamoto 
In View Of Battou Is Improper 

1. The Rejection Of Claims 1 And 25-29 Is Improper 
As noted above, claims 1 and 25-29 were rejected under 35 U.S.C. § 103(a) as obvious 

over Yamamoto in view of Battou. Specifically, these claims were rejected as follows: 
8. With regards to claims 1, 25-29, Yamamc^o teaches a network ccsifiguration 
entity configured or adapted to exclusively control a defined set of management 
functions Ihrougti a secure network {YBinaii'oto, paragraph 0059). said secured network 
comprising a piuraiity of switching devices (Yamamoto, paragraph 0001 ). and set said 
of management flinctions comprising recogniticsi and operation (Yamamoto, paragraphs 
01 19, 0128). Yamamoto fails to teach the management functions including succession. 
However, Battou teadies the management functions including succession (Battou, page 
1 paragraph 0008). At the time the invention was rr^ade, it would have been obvious to 
one of ordinary skill in the art to uiiiize Battou's rneihod of succession for management 
servers because it offers the advantage of irrip^oving !he viability of the network by 
providing a greater degree of fault tolerance thus ensuring that network remains 
available in the event of a management server failure (Battou, paragraphs 0005-0007) 

Final Rejection at pp. 4-5. This rejection is improper for at least the reasons set forth below. 

Yamamoto relates to methods for identifying configuration inconsistencies in a Fibre 

Channel network. See Yamamoto at Abstract. Brief inspection of Yamamoto suggests that the 
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system of Yamamoto operates by collecting information about a Fibre Channel network into a 
variety of tables and checking these tables for inconsistencies that would render the network 
inoperative. See id. at [0 1 1 9]-[0 161]. 

Battou has nothing at all to do with Fibre Channel Networks. Battou relates to network 
management systems that include distributed network managers have responsibility for certain 
portions of the network. See Battou at Abstract. The network managers can detect when another 
network manager is not functioning correctly, and can, without operator intervention, elect one 
of themselves to take over the functions of the malfunctioning/non-functioning counterpart. See 
id. Moreover, the system of Battou contemplates that the management network is a separate, 
out-of-band network from the underlying communications network. Id. at [0002]-[0004]. 

Conversely, Claim 1 is drawn to a network configuration entity that is "configured or 
adapted to exclusively control a defined set of management functions throughout a secure 
network" where the set of management functions includes "the recognition, operation and 
succession of the network configuration entity." The rejection set forth above parses the words 
of claim 1 so finely as to eviscerate the limitation. As noted above, claim 1 requires that the 
network configuration entity "exclusively control a defined set of management functions 
throughout a secure network" and that the set of management functions include "recognition, 
operation and succession of the network configuration entity." Thus, the claim requires that a 
network configuration entity exclusively control three things — (1) recognition of the network 
configuration entity, (2) operation of the network configuration entity, and (3) succession of the 
network configuration entity — throughout the secure network. 

Examiner concedes that "Yamamoto fails to teach the management functions including 
succession." Final Rejection at p. 4. While this statement is certainly true, the limitation of 
claim 1 missing from Yamamoto is not merely succession of the network configuration entity, 
but rather exclusive control of succession of the network control entity throughout the network. 
This renders Examiner's reliance on Battou for this teaching inappropriate. Battou does not 
teach that any entity has exclusive control of succession throughout the network. Rather, Battou 
teaches exactly the opposite, namely that a plurality of devices share control over recognition, 
operation and succession of the network configuration entity. 
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For example, at paragraph [0008] Battou describes "a hierarchical network management 
system in which a plurality of NMS managers, each responsible for different portions or 
aggregations of a communications network, are logically arranged in a tree structure." The fact 
that there are multiple NMS managers, each responsible for different portions of the network 
completely negates the contention that any one of these devices maintains exclusive control over 
the required parameters. Battou goes on to explain that: "The NMS managers within each sub- 
group monitor the status of one another in order to detect when one of them is no longer 
operational. If this happens, the remaining operational NMS managers of the sub-group 
collectively elect one of them to assume the responsibility of the non-operational NMS 
manager." Collectively deciding upon an order of succession for a failed network component is 
antithetical to claim 1, which requires that the network configuration entity maintain exclusive 
control over, among other things, "succession of the network configuration entity." 

In summary, Battou may teach succession of control entities, but Battou clearly teaches 
exactly the opposite of exclusive control (i.e., shared control). Therefore, the combination of 
Yamamoto (which teaches control of things other than "succession of the network entity") and 
Battou (which, at most, teaches shared control of "succession of the network entity") fails to 
teach or suggest each limitation of claim 1. Therefore, the rejection of claim 1 as obvious over 
Yamamoto in view of Battou is improper. 

Moreover, the combination of Yamamoto with Battou is inappropriate. Yamamoto 
relates to Fibre Channel networking, while Battou relates to out-of-band management networks 
for communication networks. Because of the drastic differences between these types of 
networks, Examiner's statement that it would have been obvious to combine Battou with 
Yamamoto is merely a self-serving conclusion and not an articulated reason why one of ordinary 
skill in the art would have combined these two fimdamentally different technologies. Besides, 
the combination of Battou with Yamamoto is clearly improper in view of the fact that Battou' s 
disclosure of shared, distributed control teaches away fi-om exclusive control, as recited in claim 
1. The lack of an articulated reason that one of ordinary skill in the art would combine the 
teachings of Battou with Yamamoto provides a separate, independent reason why the rejection of 
claim 1 is improper. 
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The Examiner's response to these arguments, presented at p. 2 of the Final Rejection, do 
not provide any rebuttal of these arguments. Examiner concedes that Battou merely teaches 
management control of succession (clearly leaving out the recitation in the claim that the control 
of succession be "exclusive"). Examiner further fails to address the lack of any articulated 
reason why one of ordinary skill in the art would combine the disparate Battou and Yamamoto 
references. Thus, the Examiner's response provides no reason why the rejection of claim 1 
should not be reversed as improper. 

As can be seen from Examiner's rejection of claim 1 (reproduced above), independent 
claim 25 and claims 26-29 depending therefrom were rejected using exactly the same rationale 
as the rejection of claim 1. Despite the fact that claim 25 is a separate independent claim having 
different limitations than claim 1, Examiner has failed to provide any separate analysis of claim 
25. Nonetheless, the rejection of claim 25 is improper for at least the reasons set forth above 
with respect to claim 1 . 

More specifically, claim 25 recites a network comprising "a network configuration entity 
that has network-wide control over a defined set of management functions" including "the 
recognition, operation and succession of the network configuration entity..." (emphasis added). 
As described in greater detail above, the Examiner has conceded that Yamamoto has no teaching 
or suggestion at all relating to the control of succession of the network configuration entity. 
Fiirthermore, Battou contains no teaching or suggestion of any device that has network-wide 
control over anything — including succession of the network configuration entity." Moreover, 
Examiner's rejection of claim 25 provides no articulation of any reason why one of ordinary skill 
in the art would combine Yamamoto with Battou. Therefore, the rejection of claim 25 is 
improper for essentially the same reasons set forth above with respect to claim 1 and should, 
therefore, be reversed. 

While Examiner has not specifically addressed claim 26, which depends fi-om claim 25, 
claim 26 is separately patentable over Yamamoto and Battou. Claim 26 recites that in the 
network of claim 25 "recognition, operation and succession of the network configuration entity is 
associated with a list of network devices that are eligible to become equivalent to said network 
configuration entity." Examiner has provided no citation to any reference teaching this 
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limitation. Moreover, neither reference includes any such teaching. Thus, the rejection of claim 
28 is improper and should be reversed. 

Similarly, Examiner has not specifically addressed claim 28, which also depends from 
claim 25. Claim 28 is also separately patentable over Yamamoto and Battou. Claim 28 recites 
that the network of claim 25 further comprises "one or more back-up network configuration 
entities." Yamamoto clearly lacks any such teaching. While the Examiner contends that Battou 
teaches succession of certain network entities, these are not "network configuration entities" as 
required by claim 28 because the entities of Battou do not have "network-wide" control. Thus, 
the rejection of claim 28 is also improper and should be reversed. 

2. The Rejection Of Claim 2 Is Improper 

Claim 2 depends from claim 1 and further recites that the network configuration entity of 
claim 1 include a memory for storing an NCE list "comprising an indication of each device in the 
network that may operate as said network configuration entity." Examiner implicitly concedes 
that Yamamoto contains no such teaching, as he relies on Battou at ^ [0268]-[0271], 
reproduced below: 
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Responding to the Examiner's rejection in any significant detail is virtually impossible, 
as nothing in these cited paragraphs describes anything even resembling an NCE list "comprising 
an indication of each device in the network that may operate as said network configuration 
entity," nor has the Examiner indicated what portions of this passage meet the cited limitation. 
Examiner response to this argument at p. 3 of the final rejection provides no further citation, 
explanation, or analysis. Therefore, the rejection of claim 2 is improper and should be reversed. 

3. The Rejection Of Claims 5 And 6 Is Improper 

Claims 5 and 6 depend (indirectly) from claim 1 and further recite that the network 
configuration entity includes a memory for storing a DCC list "associated with said one or more 
rules for interaction between and among devices...." Examiner cites Yamamoto at Fig. 11 and 
Tl [0042] as teaching this limitation. Figure 1 1 of Yamamoto is a diagram of a "Topology 
Table," which is described at ^ [0105]-[01 12]. Review of this passage shows that the topology 
table is created by the SAN manager by combining various other tables. Nothing in this passage 
(or Fig. 11) suggests that the information contained in the topology table is "associated with said 

17 



1 12-0020US Revised Appeal Brief 



Application No. 10/066,251 
Appeal Brief 

one or more rules for interaction between and among devices...." Moreover, ^ [0042] cited by 
Examiner has nothing to do with Fig. 1 1 , and instead describes basic information about Fibre 
Channel zoning. Again, nothing in this passage has anjrthing to do with "one or more rules for 
interaction between and among devices...." Examiner's recitation of conventional Fibre 
Channel zoning (as described in the cited T| [0042]) does not provide any additional justification 
for the rejection of claims 5 and 6, as the cited references plainly fail to teach the relevant 
limitation, or even anything similar to the relevant limitation. Therefore, the rejections of claims 
5 and 6 are improper and should be reversed. 

4. The Rejection Of Claim 16 Is Improper 

Claim 16 depends (indirectly) from claim 1 and further recites that the network 

configuration entity of claim 1 include a memory for storing an SCC list "comprising a list of 

devices authorized to participate in said secure network." Examiner cites two paragraphs of 

Yamamoto (TfH [0001], [0096], [0098], & [0120]) and three paragraphs of Battou (Ift [0302] & 

[0306]-[0307]) as teaching the required SCC list. Each of these passages is reproduced below, 

with comments following: 

[flOftl] Oie preseE*. invention lelatcs gefliBrally to stomge 
ne;twork$, and more particularly tf> tet^miqises for central- 
ized coafiguration. managemeni fbr servers, switches, ami 

disk subsystems in storage oetworfe. 

As can be plainly seen, ^ [0001] of Yamamoto says nothing at all about an SCC list "comprising 
a list of devices authorized to participate in said secure network." 

\mm\ 1<K;v 9^-% llu u i^prvscnuhvc I UN Ma<-k-' 

Ehc i Rstm fn\emsun llx^^. Uhks j n^MJt ix inh rtv.m >}i 
t f tht I iiN MaskitK c iifiaiM J iJ . d.sk sins\skii3 
thtst tabks ari the ptrmis^iou lisl « j L.Kh I VN m i SAK 
Vvhcii IF idmioLstn^or s|>tv3K i!k I f N ts K ttt^,vsidor 
not to K ckvessed h\ Elk sptcti td ln*^t poii \! ui^g^^mcnl 
A^trt BiWI st«>r,. s lIk 1 UN ^ la^kiim ahgm iiior m ihtst 
ubks {ft a s|Kcjj-K vfuUvUiaKiSt, thi,^c tahks uH«|fisv 
coiuf^n^ {or *t host [.on ll> and dn i UN nuiskng 

coniigtii'atK-sii hst (920). 
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LUN Masking Configuration Lisi (92(1) is a list of 
peroiissioo settings for each bindiDg in a server, lliis column 
has several sub-oo.iura.os, each of w.hich is specified to the 
biadiog. If the specified host port can acc«jss the specified 
binding LU, the value of its sub-column in tlic list is "OK". 
If not, the value k ''NG". 

Again, ^ [0096] and [0098] of Yamamoto say nothing at all about an SCC list "comprising a list 

of devices authorized to participate in said secure network." At most these passages teach a 

LUN (Logical Unit Number) masking table, which describe whether specific host ports are 

allowed to access certain portions of the network. This is not the same thing as a list of devices 

authorized to participate in the secure network. 

[0i2tt] Tfe SAN Maaager mum dlsc^ovcfs rhe SAN 
devices based the Discovery t..ist .14.110^ and SAN 
MiiBAger .140IM) a)llecis the c«Mlgurati«a Momiattej from 
the M'anaisemen^ A^mt h a SAN device. f Siep 1'he 
SAM Msmger I40ft0 s^ssrcs nU. the coalxgmJim mtoms^- 
tioii in IbelbpDksgy iRe]x>sitory 1412B. If any updates exist, 
the SAN Maoaaes- stores Uie oy configucaiioii Ite 

Cbnfigufatioa llisiory Isble 1414tt. [Step 1320| The SAN 
Manner 14tWB make* or wpd&icn the Topolo^'fiibk 14130 
bailed on the 'Toptvlogy Re.(x>sitory i412fSi. [Step 1330] "lliesSj 
the SAN MaLTi&gttf i4IKM» oidpu§.s die rcaiil^. [Btcp 134^)] 
Pmcessijig continues with step 

Paragraph [0120] of Yamamoto likewise contains no teaching or suggestion of an SCC hst 

"comprising a Hst of devices authorized to participate in said secure network." At most this 

passage teaches a list that contains information about devices that are connected to the network, 

without regard to whether they are authorized or not, and contains no information about devices 

that are not connected to the network, again without regard to whether they are authorized or not. 
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[03112] Acom^^iosi ntS^v» rk ni^^nasiCBTitn* ^-Rterktce 342l>at 

scmt-cs 3410, vtoU ihv-f XM8s(Xsn^ 3415. .^iid ih) 
contk\i«f.5l>ot! 3435, >Timi.in- mn 3430, 

344(S>^ijkm.n.^;vj 3445 4 . .^rU.f 1. fvc m u\ii>u 3450. 
wMiwh ]r<H 4\ iL itoii u •^.uuLt.'-v sen. 3435, su h 

. jid foo-il^KV nut j^'Li ^444> 1 V LhUhiv strs.r or 
-vt\>.rs uH\ viijrk irK^u'UiKiH ti' Jic ti ir i^it, rv 3425, 3430, 
3445 ii^J 345U Ibo it^tcflact 3420 svsy }>i<H tdcs 'st-t^ st-t 
of ciicot mierfscos that moMtk RMlJ OB snd <X)RRA, 
which alit>vi tbt c;unci u> Uitcgiak^ Ihc NMS with ilicir 

AOltffdCt, Ilx mttri^ct; 3420 be coonpatibk With mJus- 
try staadards wbes-e posj^bie. 

Paragraph [0302] of Battou also lacks any disclosure of an SCC list "comprising a list of devices 
authorized to participate in said secure network." 
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[MW] Thi: amligm-aliow 5i5an;ttit;r 3425 provides swjtdi 
kvel vfew of ihv NMS^ may pniv^Je funork iis mi;ku1l<i^> 
pf6ivi*jK>()inji; of iht: Node M*ssogcrs aiKl I t'Ms, 'ik^sns 
conlrol, and insJalLifiim asid M|igf.'j[Jf sit^ip<Mt Wk <i niH;ij- 
Tdtim iflims^es" may tilno 4.-nah1c tbi, r, i, c , vi<< UK 

m ^ciTk-'C "Ik o^m ji;\5i;stsim s-0-,in4m.'j t^^.tv «,i>lkvi. swik'b 

[(I.^J?] rhi lu'omitjcixm misii^sjer 3430 provides i \'i3y lo 

c^nntx'lioas, Ihi CkHS£3<x*lioo m;mager 34311 &u|>|x>f Is >ur.ipk* 
CFOss connects as wt-ll ersd-to-eod connections travcrsmg 
ihe esdre network. Tin: mvj is abk to dtctale csacl path 
ot a Ujihi ftiih by nu*^u ^picifv^i^^' she foris snd cr:-,?^ 
con uvK [o u^c .it .ai o S ! >u ili^' u ^^.s t\A\ odK spct'tly tht 
eadpotOlN .ntd k-t Tilt t k^sn^vcthsti rb,is-,ti:^,( N<t isp the anj- 
rR.ci3t''ri atUtuj atic;slh ( i* t'v j .<lh\ t rJpojul^ of .s. ci. >tJKcc- 
tioti afc OA i\in\ .mJ ih( mk arKduk- p^v, .^sc j'l*p>Ms, 
lilt; user snay iilsi.* sckcl a vvavokfigth tor ihc coiUKCiichi. 
The types of csiiinec-dnsas s,up|wirieti kclude Pemtaficnt 
Opiicai Ckeuil <POC), Switdicd OpiicA Circiiii (SOCj, 
wdl as Sn$.itl Perm*sn<Jiit Opucal Citcwit (SPC>C). SOC aad 
Sl*(j<' voniKcisiitis are routed by itse network clcmen? rom- 
iisg .>u<^ skfi^sHog pkises, SOC coxtaectsORS. a?c ftvasUWe fur 
viewing only. 

Finally, [0306]-[0307] of Battou also fails to teach or suggest anything relating to an SCC list 
"comprising a list of devices authorized to participate in said secure network." Moreover, this 
passage also makes abmdantly clear that it is talking about telecommunication provider optical 
fiber networks, and not Fibre Channel networks, thus reinforcing the impropriety of combining 
Battou with Yamamoto set forth above. 

Therefore, the rejection of claim 16 as obvious over Yamamoto in view of Battou is 
improper and should be reversed. 

5. The Rejection Of Claims 3^, 7-9, and 11-15 Is Improper 

Each of claims 3-4, 7-9, and 1 1-15 was also rejected as obvious over Yamamoto in view 
of Battou. However, each of these claims depends, either directly or indirectly, from one or 
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more of the claims addressed above. Therefore, these claims are patentable for at least the 
reasons set forth above, and the rejection of these claims is improper. Reversal of the rejection 
of these claims is therefore requested. 

B. The Rejection Of Claims 10, 17-24 And 54 As Obvious Over Yamamoto In 
View Of Battou In Further View Of Zara Is Improper 

Claims 10, 17-24, and 54 were rejected under 35 U.S.C. § 103(a) as obvious over 
Yamamoto in view of Battou and U.S. Pre-Grant Publication 2004/0015957 to Zara ("Zara"). 
Claim 10 depends (indirectly) from claim 1 and is therefore patentable for at least the reasons set 
forth above with respect to claim 1. Claims 17-24 and 54 are all independent claims that 
require, in various combination, one or more of the following limitations: (1) an NCE list 
substantially as discussed above with respect to claim 1, (2) an SCC list substantially as 
discussed above with respect to claim 16, and (3) a DCC list substantially as discussed above 
with respect to claims 5 and 6. This alone provides sufficient reason that the rejection of claims 
10, 17-24, and 54 is improper and should be reversed. 

Moreover, an additional element found in various claims among 17-24 and 54 is the 
"MAC list, said MAC list comprising an indication of network endpoints fi"om which 
management access is acceptable." Examiner concedes that the required MAC list is not present 
in Yamamoto or Battou and proposes U.S. Pre-grant publication 2004/0015957 by Zara ("Zara") 
to supply this missing limitation. While Zara does disclose so-called "MAC" addresses, these 
are media access control addresses, which are unique identifiers of network adapters in an 
Ethernet network. The "MAC list" of the pending claims is a management access control list, 
and has nothing to do with Ethernet MAC addresses. As can be seen from the plain language of 
the claim the MAC list must indicate the endpoints fi-om which management is acceptable. The 
MAC address used for intrusion detection in Zara does not even bear passing resemblance to a 
list of devices from which management access is permitted. Therefore the rejection of claims 
17-24 and 54 including this limitation is improper and should be reversed. 

Additionally, each of claims 17-24 and 54 incorporate in some way, shape, or form, the 
exclusive control limitation discussed above with respect to claim 1. For example, claim 17 is 
drawn to a network configuration entity "configured or adapted to exclusively control a defined 
set of management fimctions...." Similarly, claim 18 is drawn to a Fibre Channel switching 
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device . . . wherein a defined set of management functions is controlled throughout said secure 
network by a network configuration entity...." Each of the remaining claims 19-24 and 54 
include some variation of this limitation. However, as discussed above, Battou is drawn to a 
network in which the various functions enumerated in the claims are subject to distributed 
control among a plurality of NMS managers. Therefore, Battou fails to disclose the required 
exclusive control and is inappropriate for combination with other references because it teaches 
away from Applicant's claimed invention. See MPEP § 2143, et seq. 

Therefore, each of these claims is patentable for at least the reasons set forth above with 
respect to the corresponding limitations. The rejection of these claims is therefore improper. 

C. Conclusion 

For at least the reasons stated above. Applicants respectfully submit that all outstanding 
rejections should be reversed. Additionally, to the extent specific claims have not been 
addressed, these claims depend from one or more claims that are specifically addressed, and are 
therefore patentable for at least the same reasons as the claims specifically addressed. 
Applicants further believe that they have complied with each requirement for an appeal brief 

In the course of the foregoing discussions. Applicants may have at times referred to claim 
limitations in shorthand fashion, or may have focused on a particular claim element. This 
discussion should not be interpreted to mean that the other limitations can be ignored or 
dismissed. The claims must be viewed as a whole, and each limitation of the claims must be 
considered when determining the patentability of the claims. Moreover, it should be understood 
that there may be other distinctions between the claims and the prior art which have yet to be 
raised, but which may be raised in the future. 

If any fees are required or have been overpaid, please appropriately charge or credit those 
fees to Deposit Account Number 501922, referencing docket number 1 12-0020US. 
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Respectfully submitted, 



/Billy C.Allen III/ 



June 24, 2009 Billy C. Allen III, Reg. No. 46,147 

Wong, Cabello, Lutsch, 

Rutherford & Brucculeri, L.L.P. 

Filed Electronically 20333 State Hwy 249, Suite 600 

Houston, TX 77070 
832-446-2409 
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VIII. CLAIMS APPENDIX 

1 . (original) A network configuration entity configured or adapted to exclusively control a 
defined set of management functions throughout a secure network, said secure network 
comprising a plurality of switching devices, said set of management functions comprising 
the recognition, operation and succession of the network configuration entity. 

2. (original) The network configuration entity of claim 1 further comprising a memory for 
storing an NCE list, said NCE list comprising an indication of each device in the network 
that may operate as said network configuration entity. 

3. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprise one or more rules for interaction between and among devices 
in the network. 

4. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprises device connection controls that indicate port relationships in 

said secure network 

5. (original) The network configuration entity of claim 4 further comprising a memory for 
storing a DCC list, said DCC list associated with said one or more rules for interaction 
between and among devices and comprising definitions that logically bind a port on the 
network configuration entity, to one or more other ports resident in the secure network. 

6. (original) The network configuration entity of claim 3 fiirther comprising a memory for 
storing a DCC list, said DCC list associated with said one or more rules for interaction 
between and among devices and comprising definitions that logically bind each port in 
said secure network to one or more other ports resident in said said network. 

7. (previously presented) The network configuration entity of claim 6 wherein said ports are 
identified by a unique number. 

8. (previously presented) The network configuration entity of claim 7 wherein said unique 
number is a world-wide-name. 
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9. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprises management access controls that restrict management 
services to a defined set of endpoints. 

10. (original) The network configuration entity of claim 9 further comprising a memory for 
storing an MAC list, said MAC list comprising an indication of network endpoints from 
which management access is acceptable. 

1 1 . (previously presented) The network configuration entity of claim 9 wherein said network 

endpoints comprise IP addresses. 

12. (previously presented) The network configuration entity of claim 11 wherein said IP 
addresses are associated with access from SNMP or Telnet or HTTP or API. 

13. (previously presented) The network configuration entity of claim 9 wherein said network 
endpoints comprise uniquely identified device ports. 

14. (previously presented) The network configuration entity of claim 9 wherein said network 
endpoints comprise uniquely identified devices resident in said secure network. 

15. (original) The network configuration entity of claim 1 wherein said set of management 
functions further comprises switch connection controls for designating devices to 
participate in the secure network. 

16. (original) The network configuration entity of claim 15 further comprising a memory for 
storing an SCC list, said SCC list associated with said switch connection controls and 
comprising a list of devices authorized to participate in said secure network. 
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17. (previously presented) A network configuration entity configured or adapted to 
exclusively control a defined set of management functions throughout a secure network, 
said secure network comprising a plurality of switching devices, said set of management 
functions comprising (i) the recognition, operation and succession of the network 
configuration entity, (ii) switch connection controls for designating devices to participate 
in the secure network, (iii) device connection controls that indicate port relationships in 
said secure network, and (iv) management access controls that restrict management 
services to a defined set of endpoints, said network configuration entity comprising: 

a processor; and 

a memory for storing 

an NCE list, said NCE list comprising an indication of each device in the network 

that may operate as said network configuration entity, 
an sec list, said SCC list comprising an indication of each device allowed to 

participate in said secure network, 
a DCC list, said DCC list associated with said one or more rules for interaction 

between and among devices and comprising definitions that logically bind a port 

on the network configuration entity, to one or more other ports resident in the 

secure network, and, 

a MAC list, said MAC list comprising an indication of network endpoints from 
which management access is acceptable. 
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18. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, (ii) switch 
connection controls for designating devices to participate in the secure network, (iii) 
device connection controls that indicate port relationships in said secure network, and (iv) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE list, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, 

an sec list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network, 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network, and, 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access 
is acceptable. 
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19. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, and (ii) switch 
connection controls for designating devices to participate in the secure network, said 
Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE hst, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, and 

an sec list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network. 

20. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, and (ii) device 
connection controls that indicate port relationships in said secure network, said Fibre 
Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE hst, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, and 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network. 
29 
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21. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) the 
recognition, operation and succession of the network configuration entity, and (ii) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an NCE hst, said NCE list associated with said recognition, operation and succession 
of the network configuration entity and comprising an indication of each device 
in the network that may operate as said network configuration entity, and 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access 
is acceptable. 

22. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) switch 
connection controls for designating devices to participate in the secure network, and (ii) 
device connection controls that indicate port relationships in said secure network, said 
Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an sec list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network, and 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network. 
30 

1 12-0020US Revised Appeal Brief 



Application No. 10/066,251 
Appeal Brief 

23. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) switch 
connection controls for designating devices to participate in the secure network, and (ii) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

an sec list, said SCC list associated with said switch connection controls and 
comprising an indication of each device allowed to participate in said secure 
network, and 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access 
is acceptable. 

24. (original) A Fibre Channel switching device configured or adapted to operate in a secure 
network wherein a defined set of management functions is controlled throughout said 
secure network by a network configuration entity, said secure network comprising a 
plurality of switching devices, said set of management functions comprising (i) device 
connection controls that indicate port relationships in said secure network, and (ii) 
management access controls that restrict management services to a defined set of 
endpoints, said Fibre Channel switching device comprising: 

a processor; and 

a memory for storing 

a DCC list, said DCC list associated with said device connection controls and 
comprising definitions that logically bind a port on the network configuration 
entity, to one or more other ports resident in the secure network, and, 

a MAC list, said MAC list associated with said management access controls and 
comprising an indication of network endpoints from which management access 
is acceptable. 
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25. (original) A network comprising a network configuration entity and one or more other 
entities, said network configuration entity having network-wide control over a defined set 
of management functions, said set of management functions comprising: 

the recognition, operation and succession of the network configuration entity; 
one or more rules for interaction between and among entities in the network; 
one or more rules governing management level access to the network; and 
one or more rules governing management level access to one or more entities. 

26. (original) The network of claim 25 wherein said function of recognition, operation and 
succession of the network configuration entity is associated with a list of network devices 
that are eligible to become equivalent to said network configuration entity. 

27. (original) The network of claim 25 wherein the network configuration entity has 
exclusive control over one or more of said management functions. 

28. (original) The network of claim 25 further comprising one or more back-up network 
configuration entities. 

29. (original) The network of claim 25 wherein each of said security and management 
functions corresponds with a data structure in a memory. 

30-53 (cancelled) 

54. (original) A method of securing a network having a Fibre Channel switching device 
configured or adapted to operate in a secure network wherein a defined set of 
management function is controlled throughout said secure network by a network 
configuration entity, said method comprising the steps of: 

controlling the recognition, operation and succession of the network configuration 
entity by designating an NCE list comprising an indication of each device in the 
network that may operate as said network configuration entity; 
designating a unique name for each devices that may participate in the secure 
network; 

32 

1 12-0020US Revised Appeal Brief 



Application No. 10/066,251 
Appeal Brief 

indicating port relationships in said secure network to specifically delineate a list of 

unique names for ports that any given port may communicate with; and 
restricting management access to a pre-defined set of access methods. 
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IX. EVIDENCE APPENDIX 

None. 

X. RELATED PROCEEDINGS APPENDIX 

None. 
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